Cease and Detect: Thorium Is CISA and Sandia’s Free Strike Against Evolving Malware Threats

• Malware protection: CISA’s free anti-malware tool, Thorium, helps assess and combat malware in an innovative way.
• Who can use it: Both public and private sector users can benefit from this automated tool, marking a step towards fortified defenses.
• Thorium capabilities: Each user can enjoy its capabilities of processing up to 10 million files per hour and scheduling over 1,700 jobs per second.

Thorium, a groundbreaking anti-malware platform designed to revolutionize defense strategies, was launched today. Developed by the Cybersecurity and Infrastructure Security Agency (CISA) in partnership with Sandia National Laboratories, Thorium is a powerful, automated tool.

It is available at no cost to public and private sector users, and comprehensive installation instructions are available on CISA’s website.

Capabilities of the Thorium Tool  

Thorium offers unprecedented performance, capable of scheduling over 1,700 jobs per second and processing up to 10 million files per hour per user. 

The platform uses a highly customizable framework, allowing users to adapt it to evolving malware threats by adding or removing specific tools as needed. This dynamic capability ensures seamless malware analysis and efficient threat mitigation, enhancing operational security.  

Thorium automates processes that typically demand significant time and manual effort, equipping organizations with a streamlined approach to detect, analyze, and defend against malicious software. 

“President Trump and Secretary Noem are getting CISA back on mission, and the release of CISA’s new anti-malware tool, Thorium, is the next step towards that goal. Just like individual tools in a toolbox, certain anti-malware systems are meant to be combat-specific,” said Assistant Secretary Tricia McLaughlin. 

Benefits for Cybersecurity Defense  

Whether reacting to a specific attack or proactively safeguarding systems, Thorium empowers cybersecurity teams with tools to maintain robust defenses. This scalable, industry-leading solution for combating malware is positioned as a pivotal innovation in cybersecurity.  

Just recently, a new CISA advisory disclosed updates on the Scattered Spider Ransomware group, noting enhanced TTPs.